Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attackers to bypass authentication requirements and access certain restricted resources on vulnerable solutions. It affects the SAML component of: Ivanti Connect Secure (9.x, 22.x) Ivanti Policy Secure (9.x, 22.x) Ivanti Neurons for ZTA (SaaS-delivered zero trust network access solution) Its existence, along with that … More → The post Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) appeared first on Help Net Security.
http://news.poseidon-us.com/T2QzJk

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

Like this:

Related

More Posts

Quick & Dirty Obfuscated JavaScript Analysis, (Sun, Nov 24th)

Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified

Decrypting a PDF With a User Password, (Sat, Nov 23rd)

Wireshark 4.4.2 Released, (Sat, Nov 23rd)

DOGE leaders seek telework rollback, but agencies say it improves retention

House GOP setting up DOGE subcommittee to address ‘wasteful’ federal spending

House GOP setting up DOGE subcommittee to address ‘wasteful’ federal spending

Researchers develop an efficient way to train more reliable AI agents

What to know about Pam Bondi, Trump’s new pick for attorney general

Risk and Compliance Exchange 2024: Summit 7’s Jacob Horne on why CMMC 2.0 is ‘the finish line, not the starting line’

Share this:

Like this:

Related

More Posts